package com.acme.controller;

import java.util.Map;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.mail.SimpleMailMessage;
import org.springframework.mail.javamail.JavaMailSender;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.stereotype.Controller;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.web.bind.annotation.ModelAttribute;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;

import com.acme.dao.UserDAO;
import com.acme.dao.security.DBUserDAO;
import com.acme.entity.User;
import com.acme.entity.security.DBAuthority;
// Test Commit
@Transactional
@Controller
@RequestMapping(value = "/register")
public class RegistrationController {

	@Autowired
	private UserDAO userDAO;

	@Autowired
	private DBUserDAO dbUserDAO;
	
	@Autowired @Qualifier("accountCreatedEmail")
	private SimpleMailMessage accountCreatedEmail;
	
	@Autowired
	private JavaMailSender mailSender;
	
	@RequestMapping(method = RequestMethod.GET)
	public String registration(Map<String, Object> model){

		User userForm = new User();
		model.put("userForm", userForm);

		return "Registration";
	}
	@RequestMapping(method = RequestMethod.POST)
	public String processRegistration(@ModelAttribute("userForm") User user, DBAuthority dbAuthority) 
	{
		String errorLink = "redirect:/register";
		
		if(userDAO.getUsername(user.getUsername()) != null){
			errorLink += "?uNameError=true";
		}
		if(userDAO.getUserEmail(user.getEmail()) != null){
			if(errorLink.contains("?"))
				errorLink += "&emailError=true";
			else
				errorLink += "?emailError=true";
		}
		
		if(errorLink.contains("Error=true")){
			return errorLink;
		}

		user.setAccessType("user");
		user.setEnabled(true);


		//this block will hash the password entered by the user
		String passhash;
		BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
		passhash = passwordEncoder.encode(user.getPassword());
		user.setPassword(passhash);

		// block out all but last four of SSN
		String SSN = user.getSSN();
		String maskedSSN = "***-**-" + SSN.substring(7);
		user.setSSN(maskedSSN);
				
		userDAO.updateUser(user);
		//Insert the user into the authorities table
		dbAuthority.setAuthority("ROLE_USER");
		dbAuthority.setUserId(dbUserDAO.getUserByUsername(user.getUsername()).getUserID());
		dbUserDAO.addAuthority(dbAuthority);
		sendAccountCreatedEmail(user);
		return "regSuc";
	}
	
	private void sendAccountCreatedEmail(User user) {
		String name = user.getfName() + " " + user.getlName();
		SimpleMailMessage message = new SimpleMailMessage();
		message.setTo(user.getEmail());
		message.setFrom(accountCreatedEmail.getFrom());
		message.setSubject(accountCreatedEmail.getSubject());
		message.setText(String.format(accountCreatedEmail.getText(), name, "https://192.168.3.153:8080/AcmeClaims/MyAccount"));
		mailSender.send(message);
		}
}

